#!/bin/bash

######字体颜色设置#########
Green_font_prefix="\033[32m" && Red_font_prefix="\033[31m" && Green_background_prefix="\033[42;37m" && Red_background_prefix="\033[41;37m" && Font_color_suffix="\033[0m"
Yello_font_prefix="\033[33m" && Blue_font_prefix="\033[34m" && Pink_font_prefix="\033[35m"
######字体颜色设置#########

echo -e "${Green_font_prefix}关闭iptables...${Font_color_suffix}"
service iptables stop

echo -e "${Green_font_prefix}启动firewalld...${Font_color_suffix}"
systemctl start firewalld
if [ $? -eq 0 ]; then
	echo -e "${Green_font_prefix}成功!${Font_color_suffix}"
else
	echo -e "${Red_font_prefix}失败！！！！!${Font_color_suffix}"
fi

echo -e "${Green_font_prefix}设置firewalld开机启动...${Font_color_suffix}"
systemctl enable firewalld.service
if [ $? -eq 0 ]; then
	echo -e "${Green_font_prefix}成功!${Font_color_suffix}"
else
	echo -e "${Red_font_prefix}失败！！！！!${Font_color_suffix}"
fi

echo -e "${Green_font_prefix}放行常用端口:22/80 ...${Font_color_suffix}"
firewall-cmd --zone=public --add-port=22/tcp --permanent
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload

if [ $? -eq 0 ]; then
	echo -e "${Green_font_prefix}成功!${Font_color_suffix}"
else
	echo -e "${Red_font_prefix}失败！！！！!${Font_color_suffix}"
fi

echo -e "${Green_font_prefix}已放行端口如下：${Font_color_suffix}"
firewall-cmd --zone=public --list-ports

echo -e "${Green_font_prefix}安装fail2ban...${Font_color_suffix}"
yum -y install epel-release
yum -y install fail2ban
if [ $? -eq 0 ]; then
	echo -e "${Green_font_prefix}成功!${Font_color_suffix}"
else
	echo -e "${Red_font_prefix}失败！！！！!${Font_color_suffix}"
fi

echo -e "${Green_font_prefix}复制防火墙规则...${Font_color_suffix}"
cp jail.local /etc/fail2ban
cp nginx-cc.conf /etc/fail2ban/filter.d
if [ $? -eq 0 ]; then
	echo -e "${Green_font_prefix}成功复制防火墙规则!${Font_color_suffix}"
else
	echo -e "${Red_font_prefix}复制规则失败！！！！!${Font_color_suffix}"
fi

echo -e "${Green_font_prefix}重启防火墙...${Font_color_suffix}"
systemctl restart fail2ban
if [ $? -eq 0 ]; then
	echo -e "${Green_font_prefix}全部完成!!!!!!!!!!!!!!!!!!!!!${Font_color_suffix}"
else
	echo -e "${Red_font_prefix}失败！！！！!${Font_color_suffix}"
fi